|
246391
|
7.5 |
HIGH
Network
|
bitotal
|
bitotal
|
Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13130
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246392
|
7.5 |
HIGH
Network
|
sp8de
|
sp8de
|
SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13129
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246393
|
7.5 |
HIGH
Network
|
etherty
|
etherty_token
|
Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13128
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246394
|
7.5 |
HIGH
Network
|
sp8de
|
sp8de_presale_token
|
SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13127
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246395
|
7.5 |
HIGH
Network
|
moxy
|
moxyonepresale
|
MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13126
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246396
|
9.8 |
CRITICAL
Network
|
onefilecms
|
onefilecms
|
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file.
|
CWE-200
Information Exposure
|
CVE-2018-13123
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246397
|
6.5 |
MEDIUM
Network
|
onefilecms
|
onefilecms
|
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13122
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246398
|
5.5 |
MEDIUM
Local
|
realnetworks
|
realone_player
|
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13121
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246399
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
/user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table.
|
CWE-89
SQL Injection
|
CVE-2018-13116
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246400
|
7.5 |
HIGH
Network
|
easy_trading_token_project
|
easy_trading_token
|
The transfer and transferFrom functions of a smart contract implementation for Easy Trading Token (ETT), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13113
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
